ExamGecko
Search Search Login
Home Home / Fortinet / NSE5_FCT-7.0

Fortinet NSE5_FCT-7.0 Practice Test - Questions Answers, Page 5

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

An administrator needs to connect FortiClient EMS as a fabric connector to FortiGate. What is the prerequisite to get FortiClient EMS to connect to FortiGate successfully?
Refer to the exhibit. Based on the Security Fabric automation settings, what action will be taken on compromised endpoints?
What is the function of the quick scan option on FortiClient?
Refer to the exhibit. Based on the FortiClient logs shown in the exhibit which endpoint profile policy is currently applied to the FortiClient endpoint from the EMS server?
Refer to the exhibit. Based on the FortiClient log details shown in the exhibit, which two statements are true? (Choose two.)
Refer to the exhibits, which show a network topology diagram of ZTNA proxy access and the ZTNA rule configuration. An administrator runs the diagnose endpoint record list CLI command on FortiGate to check Remote-Client endpoint information, however Remote-Client is not showing up in the endpoint record list. What is the cause of this issue?
Which component or device shares device status information through ZTNA telemetry?
Which statement about FortiClient enterprise management server is true?
What does FortiClient do as a fabric agent? (Choose two.)
Refer to the exhibit. Which shows multiple endpoint policies on FortiClient EMS. Which policy is applied to the endpoint in the AD group trainingAD?

Question 41

Report
Export
Collapse

Which statement about FortiClient enterprise management server is true?

A.
It provides centralized management of FortiGate devices.
A.
It provides centralized management of FortiGate devices.
Answers
B.
lt provides centralized management of multiple endpoints running FortiClient software.
B.
lt provides centralized management of multiple endpoints running FortiClient software.
Answers
C.
It provides centralized management of FortiClient Android endpoints only.
C.
It provides centralized management of FortiClient Android endpoints only.
Answers
D.
It provides centralized management of Chromebooks running real-time protection
D.
It provides centralized management of Chromebooks running real-time protection
Answers
Suggested answer: B

Explanation:

FortiClient EMS is designed to provide centralized management and control of multiple endpoints running FortiClient software. It serves as a central management server that allows administrators to efficiently manage and configure a large number of FortiClient installations across the network.

Question 42

Report
Export
Collapse

Refer to the exhibit.

Based on the settings shown in the exhibit which statement about FortiClient behavior is true?

A.
FortiClient quarantines infected files and reviews later, after scanning them.
A.
FortiClient quarantines infected files and reviews later, after scanning them.
Answers
B.
FortiClient blocks and deletes infected files after scanning them.
B.
FortiClient blocks and deletes infected files after scanning them.
Answers
C.
FortiClient scans infected files when the user copies files to the Resources folder
C.
FortiClient scans infected files when the user copies files to the Resources folder
Answers
D.
FortiClient copies infected files to the Resources folder without scanning them.
D.
FortiClient copies infected files to the Resources folder without scanning them.
Answers
Suggested answer: A

Explanation:

Action On Virus Discovery Warn the User If a Process Attempts to Access Infected Files Quarantine Infected Files. You can use FortiClient to view, restore, or delete the quarantined file, as well as view the virus name, submit the file to FortiGuard, and view logs. Deny Access to Infected Files Ignore Infected Files

Question 43

Report
Export
Collapse

Refer to the exhibit.

Based on the FortiClient logs shown in the exhibit which application is blocked by the application firewall?

A.
Twitter
A.
Twitter
Answers
B.
Facebook
B.
Facebook
Answers
C.
Internet Explorer
C.
Internet Explorer
Answers
D.
Firefox
D.
Firefox
Answers
Suggested answer: A

Explanation:

the Twitter was Blocked see line 5 in the exibit

Question 44

Report
Export
Collapse

An administrator installs FortiClient on Windows Server.

What is the default behavior of real-time protection control?

A.
Real-time protection must update AV signature database
A.
Real-time protection must update AV signature database
Answers
B.
Real-time protection sends malicious files to FortiSandbox when the file is not detected locally
B.
Real-time protection sends malicious files to FortiSandbox when the file is not detected locally
Answers
C.
Real-time protection is disabled
C.
Real-time protection is disabled
Answers
D.
Real-time protection must update the signature database from FortiSandbox
D.
Real-time protection must update the signature database from FortiSandbox
Answers
Suggested answer: C

Question 45

Report
Export
Collapse

Which three types of antivirus scans are available on FortiClient? (Choose three )

A.
Proxy scan
A.
Proxy scan
Answers
B.
Full scan
B.
Full scan
Answers
C.
Custom scan
C.
Custom scan
Answers
D.
Flow scan
D.
Flow scan
Answers
E.
Quick scan
E.
Quick scan
Answers
Suggested answer: B, C, E

Question 46

Report
Export
Collapse

Which component or device shares device status information through ZTNA telemetry?

A.
FortiClient
A.
FortiClient
Answers
B.
FortiGate
B.
FortiGate
Answers
C.
FortiGate Access Proxy
C.
FortiGate Access Proxy
Answers
D.
FortiClient EMS
D.
FortiClient EMS
Answers
Suggested answer: A

Explanation:

FortiClient communicates directly with FortiClient EMS to continuously share device status information through ZTNA telemetry.

Question 47

Report
Export
Collapse

Refer to the exhibits, which show a network topology diagram of ZTNA proxy access and the ZTNA rule configuration.

An administrator runs the diagnose endpoint record list CLI command on FortiGate to check Remote-Client endpoint information, however Remote-Client is not showing up in the endpoint record list.

What is the cause of this issue?

A.
Remote-Client failed the client certificate authentication.
A.
Remote-Client failed the client certificate authentication.
Answers
B.
Remote-Client provided an empty client certificate to connect to the ZTNA access proxy.
B.
Remote-Client provided an empty client certificate to connect to the ZTNA access proxy.
Answers
C.
Remote-Client has not initiated a connection to the ZTNA access proxy.
C.
Remote-Client has not initiated a connection to the ZTNA access proxy.
Answers
D.
Remote-Client provided an invalid certificate to connect to the ZTNA access proxy.
D.
Remote-Client provided an invalid certificate to connect to the ZTNA access proxy.
Answers
Suggested answer: A

Explanation:

'You can use CLI Command [...] to verify the presence of matching endpoint record [...] If any of the Information is missing or incomplete, client certificate authentication might fail because FortiClient cannot locate corresponding endpoint entry.' There is probably a typo there and it should read: 'because FortiGate cannot locate corresponding endpoint entry.' --> see Admin guide for 'endpoint record list' and CLI command in that context. https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/25915/establish-device-identity-and-trust-context-with-forticlient-ems

Question 48

Report
Export
Collapse

Refer to the exhibit, which shows the endpoint summary information on FortiClient EMS.

What two conclusions can you make based on the Remote-Client status shown above? (Choose two.)

A.
The endpoint is classified as at risk.
A.
The endpoint is classified as at risk.
Answers
B.
The endpoint has been assigned the Default endpoint policy.
B.
The endpoint has been assigned the Default endpoint policy.
Answers
C.
The endpoint is configured to support FortiSandbox.
C.
The endpoint is configured to support FortiSandbox.
Answers
D.
The endpoint is currently off-net.
D.
The endpoint is currently off-net.
Answers
Suggested answer: B, D

Question 49

Report
Export
Collapse

Refer to the exhibit, which shows the Zero Trust Tagging Rule Set configuration.

Which two statements about the rule set are true? (Choose two.)

A.
The endpoint must satisfy that only Windows 10 is running.
A.
The endpoint must satisfy that only Windows 10 is running.
Answers
B.
The endpoint must satisfy that only AV software is installed and running.
B.
The endpoint must satisfy that only AV software is installed and running.
Answers
C.
The endpoint must satisfy that antivirus is installed and running and Windows 10 is running.
C.
The endpoint must satisfy that antivirus is installed and running and Windows 10 is running.
Answers
D.
The endpoint must satisfy that only Windows Server 2012 R2 is running.
D.
The endpoint must satisfy that only Windows Server 2012 R2 is running.
Answers
Suggested answer: C, D
Total 49 questions
Go to page: of 5
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms